commit | fbc30893106df9b55f0c73a8727575824b86c71b | [log] [tgz] |
---|---|---|
author | A. Cody Schuffelen <schuffelen@google.com> | Tue May 07 16:23:54 2024 -0700 |
committer | A. Cody Schuffelen <schuffelen@google.com> | Tue May 07 16:56:42 2024 -0700 |
tree | c4a51c380a22e3de90d62899812666a0bfe18c82 | |
parent | 27db8f3a135903b300a943006423a2100c953a11 [diff] |
insecure keymint: in-process initialization ordering This creates an ordering of 1. In-memory HALs are initialized 2. Secure AIDL HALs are exposed There are some dependencies on the information, e.g. Boot info: https://cs.android.com/android/platform/superproject/main/+/main:system/keymint/ta/src/keys.rs;l=705;drc=72ed18b226a9944330ecd97d776d57ea1b2eb9e8 https://cs.android.com/android/platform/superproject/main/+/main:system/keymint/ta/src/lib.rs;l=356;drc=4f8cad1bf0b3392414e5735b95a7c5d80d64d6e6 https://cs.android.com/android/platform/superproject/main/+/main:system/keymint/ta/src/rkp.rs;l=75;drc=747e5931be387fb600f6865d2308390646243610 HAL info: https://cs.android.com/android/platform/superproject/main/+/main:system/keymint/ta/src/rkp.rs;l=79;drc=747e5931be387fb600f6865d2308390646243610 Bug: b/339121782 Test: launch_cvd --resume=false --secure_hals=oemlock:guest_insecure_keymint:guest_insecure_gatekeeper Change-Id: Ifbe8655bf14c248e886725217d261dae5458e15f